Here is the nmap command I'm using to try to change counters other than match when I type pfctl -s info:

Quote:

nmap --ip-options "R" --mtu 8 -sA --ttl 1 192.168.1.112

I'm scrubbing inbound traffic, so shouldn't that command change a number of PF statistics other than just "match"? I'd like to be able to verify in some way that PF is actually working, for example that it is actually scrubbing traffic, and everything I've tried hasn't worked.

Add some log modifiers to your pf ruleset. Then you can use tcpdump -eni pflog0 to verify which rule matched a packet.

I can do that, but for example, if I do a tcpdump -eni pflog0 "not reason match" then I don't get any results. There are a lot of other reasons in the PF manual such as bad-offset, fragment, short, normalize, memory, etc., and I'd like to be able to trigger those and see them in the logs, or in the pf info stats.
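
Added example (not part of the original thread): one way to see exactly which counters a test moved is to save pfctl -s info before and after it and diff the "Counters" section. The function names and the sample snapshots are constructed for illustration, and the parser assumes the usual layout of unindented section headers followed by indented "name total rate" rows.

```shell
#!/bin/sh
# Real use (as root on the PF host):
#   pfctl -s info > before.txt ; <run the test> ; pfctl -s info > after.txt
#   pf_counter_delta before.txt after.txt

# Print every counter in the "Counters" section whose total differs
# between two saved snapshots, with the signed difference.
pf_counter_delta() {
    awk '
        /^[^ \t]/ { section = $1; next }           # unindented line = section header
        section != "Counters" || NF < 2 { next }   # keep only indented counter rows
        FILENAME == ARGV[1] { before[$1] = $2; next }
        ($2 - before[$1]) != 0 { printf "%s %+d\n", $1, $2 - before[$1] }
    ' "$1" "$2"
}

# Constructed sample snapshots (not output from a real host).
pf_demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/before" <<'EOF'
Status: Enabled for 0 days 00:10:00           Debug: err

State Table                          Total             Rate
  current entries                        4
  searches                            1200            2.0/s
Counters
  match                                150            0.2/s
  bad-offset                             0            0.0/s
  fragment                               0            0.0/s
  short                                  0            0.0/s
  normalize                              0            0.0/s
  memory                                 0            0.0/s
EOF
    # "After" snapshot: same layout with three totals changed.
    sed -e 's|^  match .*|  match 163 0.3/s|' \
        -e 's|^  fragment .*|  fragment 12 0.1/s|' \
        -e 's|^  normalize .*|  normalize 3 0.0/s|' \
        "$dir/before" > "$dir/after"
    pf_counter_delta "$dir/before" "$dir/after"
    rm -rf "$dir"
}

pf_demo
```

A counter that stays at zero across the test is simply not printed, so an empty result means no counter in that section changed.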